52.163.120.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 24 18:35:58 mellenthin sshd[16209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.120.20 user=root Sep 24 18:36:00 mellenthin sshd[16209]: Failed password for invalid user root from 52.163.120.20 port 50950 ssh2	2020-09-25 01:15:03
attackbotsspam	2020-09-24T01:56:02.611671linuxbox-skyline sshd[110505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.120.20 user=root 2020-09-24T01:56:04.112511linuxbox-skyline sshd[110505]: Failed password for root from 52.163.120.20 port 48297 ssh2 ...	2020-09-24 16:52:32
attackbots	Jul 15 09:43:40 sso sshd[13403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.120.20 Jul 15 09:43:43 sso sshd[13403]: Failed password for invalid user admin from 52.163.120.20 port 21359 ssh2 ...	2020-07-15 15:57:20
attackspambots	Jul 14 15:53:35 Ubuntu-1404-trusty-64-minimal sshd\[12965\]: Invalid user invalid from 52.163.120.20 Jul 14 15:53:35 Ubuntu-1404-trusty-64-minimal sshd\[12965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.120.20 Jul 14 15:53:35 Ubuntu-1404-trusty-64-minimal sshd\[12966\]: Invalid user invalid.torux.at from 52.163.120.20 Jul 14 15:53:35 Ubuntu-1404-trusty-64-minimal sshd\[12966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.120.20 Jul 14 15:53:37 Ubuntu-1404-trusty-64-minimal sshd\[12965\]: Failed password for invalid user invalid from 52.163.120.20 port 2349 ssh2	2020-07-15 02:09:29

Comments on same subnet:

IP	Type	Details	Datetime
52.163.120.96	attackbotsspam	prod6 ...	2020-05-02 12:54:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.163.120.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10608
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.163.120.20.			IN	A

;; AUTHORITY SECTION:
.			386	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071401 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 02:09:26 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 20.120.163.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.120.163.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.176.156	attack	Sep 1 15:24:05 pkdns2 sshd\[29446\]: Invalid user atul from 159.65.176.156Sep 1 15:24:07 pkdns2 sshd\[29446\]: Failed password for invalid user atul from 159.65.176.156 port 33297 ssh2Sep 1 15:27:32 pkdns2 sshd\[29591\]: Invalid user beo from 159.65.176.156Sep 1 15:27:34 pkdns2 sshd\[29591\]: Failed password for invalid user beo from 159.65.176.156 port 35344 ssh2Sep 1 15:31:02 pkdns2 sshd\[29745\]: Invalid user uftp from 159.65.176.156Sep 1 15:31:04 pkdns2 sshd\[29745\]: Failed password for invalid user uftp from 159.65.176.156 port 37370 ssh2 ...	2020-09-02 00:46:18
77.106.15.122	attackbotsspam	Unauthorized connection attempt from IP address 77.106.15.122 on Port 445(SMB)	2020-09-02 00:14:30
117.28.25.50	attackspambots	Sep 1 17:50:39 h1745522 sshd[16782]: Invalid user sistemas from 117.28.25.50 port 10483 Sep 1 17:50:39 h1745522 sshd[16782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.28.25.50 Sep 1 17:50:39 h1745522 sshd[16782]: Invalid user sistemas from 117.28.25.50 port 10483 Sep 1 17:50:41 h1745522 sshd[16782]: Failed password for invalid user sistemas from 117.28.25.50 port 10483 ssh2 Sep 1 17:55:02 h1745522 sshd[17516]: Invalid user admin from 117.28.25.50 port 10495 Sep 1 17:55:02 h1745522 sshd[17516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.28.25.50 Sep 1 17:55:02 h1745522 sshd[17516]: Invalid user admin from 117.28.25.50 port 10495 Sep 1 17:55:04 h1745522 sshd[17516]: Failed password for invalid user admin from 117.28.25.50 port 10495 ssh2 Sep 1 17:59:19 h1745522 sshd[18374]: Invalid user dines from 117.28.25.50 port 10510 ...	2020-09-02 00:03:31
79.170.40.168	attackspambots	Brute Force	2020-09-02 00:44:56
113.31.102.201	attackbotsspam	Sep 1 15:14:25 vmd36147 sshd[9276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.102.201 Sep 1 15:14:27 vmd36147 sshd[9276]: Failed password for invalid user elasticsearch from 113.31.102.201 port 48950 ssh2 ...	2020-09-02 00:43:49
45.129.33.57	attack	SmallBizIT.US 7 packets to tcp(3830,3831,3832,3834,3835,3838,3840)	2020-09-02 00:18:07
167.71.70.81	attackbots	167.71.70.81 - - [01/Sep/2020:16:23:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.70.81 - - [01/Sep/2020:16:23:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2000 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.70.81 - - [01/Sep/2020:16:23:22 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 23:58:06
221.207.36.167	attack	Port scan on 1 port(s): 4899	2020-09-01 23:58:46
27.3.6.129	attack	Unauthorized connection attempt from IP address 27.3.6.129 on Port 445(SMB)	2020-09-02 00:05:51
112.217.207.130	attackspambots	Sep 1 04:07:58 web9 sshd\[8743\]: Invalid user oracle from 112.217.207.130 Sep 1 04:07:59 web9 sshd\[8743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.217.207.130 Sep 1 04:08:00 web9 sshd\[8743\]: Failed password for invalid user oracle from 112.217.207.130 port 45986 ssh2 Sep 1 04:13:41 web9 sshd\[9392\]: Invalid user webadm from 112.217.207.130 Sep 1 04:13:41 web9 sshd\[9392\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.217.207.130	2020-09-02 00:04:08
168.181.120.19	attackbots	DATE:2020-09-01 14:30:30, IP:168.181.120.19, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-02 00:32:51
1.173.182.193	attack	Unauthorized connection attempt from IP address 1.173.182.193 on Port 445(SMB)	2020-09-02 00:09:03
112.133.194.58	attack	Automatic report - Banned IP Access	2020-09-02 00:28:25
193.33.114.53	attack	Sep 1 19:21:56 itv-usvr-02 sshd[2797]: Invalid user wsy from 193.33.114.53 port 50290 Sep 1 19:21:56 itv-usvr-02 sshd[2797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.114.53 Sep 1 19:21:56 itv-usvr-02 sshd[2797]: Invalid user wsy from 193.33.114.53 port 50290 Sep 1 19:21:58 itv-usvr-02 sshd[2797]: Failed password for invalid user wsy from 193.33.114.53 port 50290 ssh2 Sep 1 19:31:54 itv-usvr-02 sshd[3319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.33.114.53 user=root Sep 1 19:31:56 itv-usvr-02 sshd[3319]: Failed password for root from 193.33.114.53 port 34698 ssh2	2020-09-01 23:50:24
112.205.54.202	attackbots	Unauthorized connection attempt from IP address 112.205.54.202 on Port 445(SMB)	2020-09-02 00:04:44

Recently Reported IPs

125.227.155.102	103.69.45.126	114.26.226.224	245.100.191.236
113.104.241.6	58.152.99.89	119.45.122.102	54.187.2.68
45.179.252.76	173.252.95.36	187.159.116.86	167.114.10.73
200.75.198.226	88.82.61.182	189.26.79.44	197.246.224.221
197.210.64.232	121.155.175.146	90.224.199.216	151.55.170.147